A method for classifying a signal is disclosed. The method can be used by a station or stations within a network to classify the signal as non-cooperative (NC) or a target signal. The method performs classification over channels within a frequency spectrum. The percentage of power above a first threshold is computed for a channel. Based on the percentage, a signal is classified as a narrowband signal. If the percentage indicates the absence of a narrowband signal, then a lower second threshold is applied to confirm the absence according to the percentage of power above the second threshold. The signal is classified as a narrowband signal or pre-classified as a wideband signal based on the percentage. Pre-classified wideband signals are classified as a wideband NC signal or target signal using spectrum masks.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for detecting and classifying a denial of service (DoS) attacker, the method comprising: receiving, at a radio frequency (RF) detector, RF signals received by a target radio over a radio frequency range of interest; generating statistical data based upon the received RF signals; detecting a potential DoS attacker by identifying a change in communication quality based on the statistical data; determining that the change in communication quality occurs over different parts of the radio frequency range of interest over a period of time; and classifying the potential DoS attacker as an active DoS attacker.
2. The method of claim 1 , further comprising classifying the potential DoS attacker as a reactive DoS attacker if a number of connection re-establishment attempts are present.
3. The method of claim 1 , further comprising periodically maintaining a database of spectrum history and statistics.
4. The method of claim 1 , wherein the statistics comprise an indication of how often the target radio changes frequency of operation due to poor network operation, poor connectivity, or both.
5. The method of claim 1 , further comprising monitoring frequencies previously used by the target radio to validate whether the change in communication quality is an attempted DoS attack.
6. A method for detecting and classifying a denial of service (DoS) attacker, the method comprising: receiving, at a radio frequency (RF) detector, RF signals received by a target radio over a radio frequency range of interest; generating statistical data based upon the received RF signals; detecting a potential DoS attacker by identifying a change in communication quality based on the statistical data; determining that the change in communication quality occurs over a static portion of the radio frequency range of interest over a period of time; and classifying the potential DoS attacker as a static DoS attacker.
7. The method of claim 6 , further comprising classifying the potential DoS attacker as a reactive DoS attacker if a number of connection re-establishment attempts are present.
8. The method of claim 6 , further comprising periodically maintaining a database of spectrum history and statistics.
9. The method of claim 6 , wherein the statistics comprise an indication of how often the target radio changes frequency of operation due to poor network operation, poor connectivity, or both.
10. The method of claim 6 , further comprising monitoring frequencies previously used by the target radio to validate whether the change in communication quality is an attempted DoS attack.
11. A method for detecting and classifying a denial of service (DoS) attacker, the method comprising: receiving, at a radio frequency (RF) detector, RF signals received by a target radio over a radio frequency range of interest; generating statistical data based upon the received RF signals, the statistics comprising an indication of how often the target radio changes frequency of operation due to poor network operation, poor connectivity, or both; detecting a potential DoS attacker by identifying a change in communication quality based on the statistical data; and classifying the potential DoS attacker based on the statistical data.
12. The method of claim 11 , further comprising classifying the potential DoS attacker as a reactive DoS attacker if a number of connection re-establishment attempts are present.
13. The method of claim 11 , further comprising periodically maintaining a database of spectrum history and statistics.
14. The method of claim 11 , further comprising monitoring frequencies previously used by the target radio to validate whether the change in communication quality is an attempted DoS attack.
15. A method for detecting and classifying a denial of service (DoS) attacker, the method comprising: receiving, at a radio frequency (RF) detector, RF signals received by a target radio over a radio frequency range of interest; generating statistical data based upon the received RF signals; detecting a potential DoS attacker by identifying a change in communication quality based on the statistical data; monitoring frequencies previously used by the target radio to validate whether the change in communication quality is an attempted DoS attack; and classifying the potential DoS attacker.
16. The method of claim 15 , further comprising classifying the potential DoS attacker as a reactive DoS attacker if a number of connection re-establishment attempts are present.
17. The method of claim 15 , further comprising periodically maintaining a database of spectrum history and statistics.
18. The method of claim 15 , wherein the statistics comprise an indication of how often the target radio changes frequency of operation due to poor network operation, poor connectivity, or both.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
November 1, 2011
July 29, 2014
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.